147 Commits

Author SHA1 Message Date
Brad Fitzpatrick
41fd4eab5c envknob: add new package for all the strconv.ParseBool(os.Getenv(..))
A new package can also later record/report which knobs are checked and
set. It also makes the code cleaner & easier to grep for env knobs.

Change-Id: Id8a123ab7539f1fadbd27e0cbeac79c2e4f09751
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-01-24 11:51:23 -08:00
Brad Fitzpatrick
2aeb93003f derp: add metrics to server got pings, sent pongs
Updates #3652

Change-Id: I1d350bcaee39ea36b0c71912028624d18fb541b4
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-01-03 14:04:20 -08:00
Brad Fitzpatrick
63d9c7b9b3 derp: add Client.LocalAddr method
So magicsock can later ask a DERP connection whether its source IP
would've changed if it reconnected.

Updates #3619

Change-Id: Ibc8810340c511d6786b60c78c1a61c09f5800e40
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-12-28 15:13:53 -08:00
Brad Fitzpatrick
434af15a04 derp: support client->server ping (and server->client pong)
In prep for a future change to have client ping derp connections
when their state is questionable, rather than aggressively tearing
them down and doing a heavy reconnect when their state is unknown.

We already support ping/pong in the other direction (servers probing
clients) so we already had the two frame types, but I'd never finished
this direction.

Updates #3619

Change-Id: I024b815d9db1bc57c20f82f80f95fb55fc9e2fcc
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-12-27 14:49:50 -08:00
David Anderson
84c3a09a8d types/key: export constants for key size, not a method.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-29 17:39:04 -07:00
David Anderson
c1d009b9e9 ipn/ipnstate: use key.NodePublic instead of the generic key.Public.
Updates #3206.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-29 10:00:59 -07:00
David Anderson
1f06f77dcb derp: remove package shadowing of types/key.
Updates #3206

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28 16:13:28 -07:00
David Anderson
37c150aee1 derp: use new node key type.
Update #3206

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28 16:02:11 -07:00
Brad Fitzpatrick
73f177e4d5 derp: throttle client sends if server advertises rate limits
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-16 09:21:55 -07:00
Brad Fitzpatrick
fc160f80ee metrics: move currentFDs code to the metrics package
Updates #2784

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-02 11:14:14 -07:00
Brad Fitzpatrick
73280595a8 derp: accept dup clients without closing prior's connection
A public key should only have max one connection to a given
DERP node (or really: one connection to a node in a region).

But if people clone their machine keys (e.g. clone their VM, Raspbery
Pi SD card, etc), then we can get into a situation where a public key
is connected multiple times.

Originally, the DERP server handled this by just kicking out a prior
connections whenever a new one came. But this led to reconnect fights
where 2+ nodes were in hard loops trying to reconnect and kicking out
their peer.

Then a909d37a59f6e36f47209db4e6b16497715f8de9 tried to add rate
limiting to how often that dup-kicking can happen, but empirically it
just doesn't work and ~leaks a bunch of goroutines and TCP
connections, tying them up for hour+ while more and more accumulate
and waste memory. Mostly because we were doing a time.Sleep forever
while not reading from their TCP connections.

Instead, just accept multiple connections per public key but track
which is the most recent. And if two both are writing back & forth,
then optionally disable them both. That last part is only enabled in
tests for now. The current default policy is just last-sender-wins
while we gather the next round of stats.

Updates #2751

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-31 08:21:21 -07:00
Brad Fitzpatrick
ffd22050c0 derp: export current file descriptor metric 2021-08-29 15:17:34 -07:00
slowy07
ac0353e982 fix: typo spelling grammar
Signed-off-by: slowy07 <slowy.arfy@gmail.com>
2021-08-24 07:55:04 -07:00
Brad Fitzpatrick
f35b8c3ead derp: fix meshing accounting edge case bug
If a peer is connected to multiple nodes in a region (so
multiForwarder is in use) and then a node restarts and re-sends all
its additions, this bug about whether an element is in the
multiForwarder could cause a one-time flip in the which peer node we
forward to.  Note a huge deal, but not written as intended.

Thanks to @lewgun for the bug report in #2141.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-21 19:54:55 -07:00
Brad Fitzpatrick
fd7b738e5b derp: use pad32 package for padding, reduce duplication
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-04 14:43:01 -07:00
Brad Fitzpatrick
7298e777d4 derp: reduce server memory by 30% by removing persistent bufio.Writer
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-02 10:17:56 -07:00
Brad Fitzpatrick
b622c60ed0 derp,wgengine/magicsock: don't assume stringer is in $PATH for go:generate
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-01 19:14:08 -07:00
Brad Fitzpatrick
a909d37a59 derp: rate limit how often same-key clients can kick each other off server
Updates #392
Updates #506

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-07-20 09:31:43 -07:00
Josh Bleecher Snyder
4dbbd0aa4a cmd/addlicense: add command to add licenseheaders to generated code
And use it to make our stringer invocations match the existing code.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-07-19 15:31:56 -07:00
maddie
d976a84d7e derp: allow self node when verifying clients
Fixes #2408

Signed-off-by: Maddie Zhan <maddie.zhan@cynovan.com>
2021-07-13 08:37:37 -07:00
Brad Fitzpatrick
4c0494185b derp: remove "fine for now" intentional slow memory leak from derp server
It was once believed that it might be useful. It wasn't. We never used it.

Remove it so we don't slowly leak memory.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-07-13 08:21:54 -07:00
David Anderson
d98829583a derp: use a dedicated queue for disco traffic.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-07-12 14:23:27 -07:00
David Anderson
67158549ab derp: actually export the new drop counter.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-07-12 13:32:04 -07:00
David Anderson
36492ace9d derp: add counters to track the type of dropped packets.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-07-12 13:15:59 -07:00
julianknodt
148602a89a derp,cmd/derper: allow server to verify clients
This adds a flag to the DERP server which specifies to verify clients through a local
tailscaled. It is opt-in, so should not affect existing clients, and is mainly intended for
users who want to run their own DERP servers. It assumes there is a local tailscaled running and
will attempt to hit it for peer status information.

Updates #1264

Signed-off-by: julianknodt <julianknodt@gmail.com>
2021-06-24 14:11:16 -07:00
julianknodt
3687e5352b derp: fix traffic handler peer addresses
Before it was using the local address and port, so fix that.
The fields in the response from `ss` are:

State, Recv-Q, Send-Q, Local Address:Port, Peer Address:Port, Process

Signed-off-by: julianknodt <julianknodt@gmail.com>
2021-06-18 16:14:26 -07:00
julianknodt
3728634af9 derp: add debug traffic handler
This adds a handler on the DERP server for logging bytes send and received by clients of the
server, by holding open a connection and recording if there is a difference between the number
of bytes sent and received. It sends a JSON marshalled object if there is an increase in the
number of bytes.

Signed-off-by: julianknodt <julianknodt@gmail.com>
2021-06-18 15:47:55 -07:00
julianknodt
fe54721e31 derp: add pkt queue latency timer
It would be useful to know the time that packets spend inside of a queue before they are sent
off, as that can be indicative of the load the server is handling (and there was also an
existing TODO). This adds a simple exponential moving average metric to track the average packet
queue duration.
Changes during review:
Add CAS loop for recording queue timing w/ expvar.Func, rm snake_case, annotate in milliseconds,
convert

Signed-off-by: julianknodt <julianknodt@gmail.com>
2021-06-11 09:41:06 -07:00
David Anderson
54e6c3a290 version: use OSS repo's version when building.
When building with redo, also include the git commit hash
from the proprietary repo, so that we have a precise commit
that identifies all build info (including Go toolchain version).

Add a top-level build script demonstrating to downstream distros
how to burn the right information into builds.

Adjust `tailscale version` to print commit hashes when available.

Fixes #841.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-10-28 16:17:21 -07:00
Brad Fitzpatrick
169ff22a84 derp: set NotBefore and NotAfter in DERP server's metacert
Fixes regression from e4159912560d611ee23ba187ceb14c0de1ff3d82 that
only affected Windows users because Go only on Windows delegates x509
cert validation to the OS and Windows as unhappy with our "metacert"
lacking NotBefore and NotAfter.

Fixes #705
2020-08-24 14:57:44 -07:00
Brad Fitzpatrick
e415991256 derp, derp/derphttp: remove one RTT from DERP setup
* advertise server's DERP public key following its ServerHello
* have client look for that DEPR public key in the response
  PeerCertificates
* let client advertise it's going into a "fast start" mode
  if it finds it
* modify server to support that fast start mode, just not
  sending the HTTP response header

Cuts down another round trip, bringing the latency of being able to
write our first DERP frame from SF to Bangalore from ~725ms
(3 RTT) to ~481ms (2 RTT: TCP and TLS).

Fixes #693

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-20 14:00:55 -07:00
Brad Fitzpatrick
805850add9 derp: remove JSON struct tags in comments
They don't work in comments.

Added a test too to show that there's no change in behavior.
(It does case insensitive matching on parse anyway)
2020-08-19 14:36:43 -07:00
Brad Fitzpatrick
93ffc565e5 derp: remove protocol version 1 support
It hasn't existed for a long time and there are no current users.

Fixes #199
2020-08-17 16:17:56 -07:00
Josh Bleecher Snyder
062bd67d3b derp: use rand instead of crypto/rand to generate jitter
We don't need crypto/rand. Let the OS keep its entropy bits.

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-13 14:06:50 -07:00
David Anderson
37c19970b3 derp: add a debug option to verbosely log drops to a destination.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-12 15:27:01 -07:00
Josh Bleecher Snyder
909c165382 derp: remove two key.Public allocations
Reading and writing a [32]byte key to a bufio.Reader/bufio.Writer
can easily by done without allocating. Do so.

It is slower; on my machine, it adds about 100ns per read/write.
However, the overall request takes a minimum of several µs,
and it cuts allocations meaningfully, so it is probably worth it.

name                      old time/op    new time/op    delta
SendRecv/msgsize=10-8       9.21µs ± 9%    9.08µs ± 8%     ~     (p=0.250 n=15+15)
SendRecv/msgsize=100-8      6.51µs ± 9%    6.60µs ± 7%     ~     (p=0.259 n=15+13)
SendRecv/msgsize=1000-8     7.24µs ±13%    7.61µs ±36%     ~     (p=1.000 n=11+15)
SendRecv/msgsize=10000-8    19.5µs ±15%    19.9µs ±25%     ~     (p=0.890 n=14+15)

name                      old speed      new speed      delta
SendRecv/msgsize=10-8     1.09MB/s ± 8%  1.10MB/s ± 8%     ~     (p=0.286 n=15+15)
SendRecv/msgsize=100-8    15.4MB/s ± 8%  15.1MB/s ± 6%     ~     (p=0.129 n=15+12)
SendRecv/msgsize=1000-8    139MB/s ±15%   135MB/s ±28%     ~     (p=1.000 n=11+15)
SendRecv/msgsize=10000-8   516MB/s ±17%   506MB/s ±21%     ~     (p=0.880 n=14+15)

name                      old alloc/op   new alloc/op   delta
SendRecv/msgsize=10-8         170B ± 1%      108B ± 1%  -36.63%  (p=0.000 n=15+15)
SendRecv/msgsize=100-8        265B ± 1%      203B ± 1%  -23.34%  (p=0.000 n=15+15)
SendRecv/msgsize=1000-8     1.18kB ± 1%    1.12kB ± 0%   -5.31%  (p=0.000 n=14+14)
SendRecv/msgsize=10000-8    18.8kB ± 2%    18.8kB ± 2%     ~     (p=0.443 n=12+12)

name                      old allocs/op  new allocs/op  delta
SendRecv/msgsize=10-8         4.00 ± 0%      2.00 ± 0%  -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=100-8        4.00 ± 0%      2.00 ± 0%  -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=1000-8       4.00 ± 0%      2.00 ± 0%  -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=10000-8      5.00 ± 0%      3.00 ± 0%  -40.00%  (p=0.000 n=13+14)

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-12 15:15:58 -07:00
Brad Fitzpatrick
75225368a4 derp: fix 32-bit struct field alignment 2020-08-11 13:50:16 -07:00
David Anderson
15949ad77d derp: export the new expvar. 2020-08-11 19:59:08 +00:00
David Anderson
13661e195a derp: rename "wireguard" packet type to "other".
Strictly speaking, we don't know that it's a wireguard packet, just that
it doesn't look like a disco packet.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-11 19:30:39 +00:00
David Anderson
1b5b59231b derp: break down received packets by kind (disco vs. wireguard).
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-11 19:16:28 +00:00
Josh Bleecher Snyder
b23f2263c1 derp: add server version to /debug, expvars
This will make it easier for a human to tell what
version is deployed, for (say) correlating line numbers
in profiles or panics to corresponding source code.

It'll also let us observe version changes in prometheus.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-08-07 12:46:02 -07:00
David Anderson
c3994fd77c derp: remove OnlyDisco option.
Active discovery lets us introspect the state of the network stack precisely
enough that it's unnecessary, and dropping the initial DERP packets greatly
slows down tests. Additionally, it's unrealistic since our production network
will never deliver _only_ discovery packets, it'll be all or nothing.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
Brad Fitzpatrick
52969bdfb0 derp: fix atomic padding on 32-bit again
Broken by earlier OnlyDisco addition.
2020-07-16 13:38:21 -07:00
Brad Fitzpatrick
a6559a8924 wgengine/magicsock: run test DERP in mode where only disco packets allowed
So we don't accidentally pass a NAT traversal test by having DERP pick up our slack
when we really just wanted DERP as an OOB messaging channel.
2020-07-16 12:58:35 -07:00
Brad Fitzpatrick
c1cabe75dc derp: fix server struct fielfd alignment on 32-bit
Mostly so the GitHub CI will pass on 32-bit.
2020-07-07 09:08:15 -07:00
Brad Fitzpatrick
4732722b87 derp: add frameClosePeer to move around clients within a region
For various reasons (mostly during rollouts or config changes on our
side), nodes may end up connecting to a fallback DERP node in a
region, rather than the primary one we tell them about in the DERP
map.

Connecting to the "wrong" node is fine, but it's in our best interest
for all nodes in a domain to connect to the same node, to reduce
intra-region packet forwarding.

This adds a privileged frame type used by the control system that can
kick off a client connection when they're connected to the wrong node
in a region. Then they hopefully reconnect immediately to the correct
location. (If not, we can leave them alone and stop closing them.)

Updates tailscale/corp#372
2020-06-25 09:33:10 -07:00
Brad Fitzpatrick
dd43d9bc5f derp: fix varz typo
Updates tailscale/corp#391
2020-06-25 08:43:28 -07:00
Brad Fitzpatrick
b87396b5d9 cmd/derper, derp: add some more varz and consistency check handler
I'm trying to hunt down a slow drift in numbers not agreeing.
2020-06-23 14:01:51 -07:00
Brad Fitzpatrick
6fbd1abcd3 derp: update peerGone code to work with regional DERP mesh clusters too
Updates #150
Updates #388
2020-06-22 10:06:42 -07:00
Brad Fitzpatrick
07ca0c1c29 derp: fix tracking problem if conn starts local, then also joins mesh peer 2020-06-05 12:53:43 -07:00